Collaborate Disseminate
How could one verify the integrity of all binaries of packages installed manually via installers and dpkg on Debian/Linux?
So far the only thing I could think of is this:
verify that which veracrypt returns /usr/bin/veracrypt
As I pointed out here in February 2022, people who gained brief direct or remote access to a machine can change the volume step or other things regarding sudden large changes to the sound volume (for example via xbindkeys or shortcuts).
Th… Continue reading Mitigating vulnerabilities in audio libraries that cause physical damage
Is there any way to find out if any of the vulnerabilities of older Logitech Unifying Receiver firmware was exploited? I’m referring to the vulnerabilities listed here including these.
On GNU/Linux/Debian it can be patched with fwupdmgr up… Continue reading Is there any way to find out if a Logitech Unifying Receiver vulnerability was exploited?
I ran sudo chkrootkit and it displayed me the warning:
Searching for Linux.Xor.DDoS … INFECTED: Possible Malicious Linux.Xor.DDoS installed
/tmp/.veracrypt_aux_mnt1/volume
/tmp/.veracrypt_aux_mnt1/control
I think it’s a false positive… Continue reading What’s "/tmp/.veracrypt_aux_mnt1/volume" for? [migrated]
I’d like to have a table of executables that are allowed to be run on the machine with everything else not getting executed even when the executable flag is set. For instance via a config file like this:
| command | location … Continue reading Is there a way to specify in a table which executables (via locations & hashes) are allowed to run on Debian? [migrated]
To help ensure authenticity of packages some projects on GitHub and on GitLab add hashsums to the descriptions of the release on the Releases page.
Sometimes, at least here, the hashsum are made part of the release’s filename. Sometimes, a… Continue reading How can the authenticity of releases on GitHub and GitLab be ensured? Can their hashsums change?
Could these two attack scenarios exploit the recently publicized vulnerability?
Using a Thunderbolt adapter like an USB-to-Thunderbolt adapter on a computer without any Thunderbolt port
Temporarily replacing hardware (mainboard) with har… Continue reading Are Thunderbolt-enabled computers without Thunderbolt ports vulnerable to Thunderspy?
I’m running Debian10/KDE with the nftables firewall enabled on my host machine and would like to test my phone. In the virtual machine I’m running Kali Linux with bettercap and am trying to sniff traffic from my phone connected to the same… Continue reading Why does bettercap not capture any traffic and why is its web UI just a blank page?
Currently the best technical option to protect against malicious javascript seems to be using the NoScript browser AddOn.
However this way is very inconvenient and not used by the majority of web users. For example there is… Continue reading How could one implement a collective protection mechanism against malicious javascript?
Currently the best technical option to protect against malicious javascript seems to be using the NoScript browser AddOn.
However this way is very inconvenient and not used by the majority of web users. For example there is… Continue reading How could one implement a collective protection mechanism against malicious javascript?